Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2279

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-2279
Last Modified 07 Mar 2011 09:35:52
Published 09 May 2006 10:14:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2279

Summary

Multiple SQL injection vulnerabilities in SaphpLesson 3.0 allow remote attackers to execute arbitrary SQL commands via (1) the Find parameter in (a) search.php, and the (2) LID and (3) Rate parameters in (b) misc.php.

Vulnerable Systems

Application

  • Arabless Saphplesson 3.0


References

VUPEN - ADV-2006-1708

BUGTRAQ - 20060504 SaPHPLesson 3.0 Multbugs

SECUNIA - 20034

XF - saphplesson-search-misc-sql-injection(26293)

BID - 17848

OSVDB - 25363

OSVDB - 25362

SREASON - 862


Last Updated: 27 May 2016 10:42:24